Search the Community

Thank you very much for your quick response

Hello there. I was making a thread to list a few changes and possibly bugs to Kaspersky Standard 21.17 transition to 21.18 and now you've mentioned scan/verify files quick menu using mouse cursor no longer exist have made open my eyes. Going have to edit my thread about this. And thanks for sharing this finding.

Hello @George Whittle, Welcome! Read: Turn off/on automatic display of the onscreen keyboard - it needs to be *unchecked* Thank you🙏 Flood🐳+🐋

This is just a REAL shame to broke user's PC like that , never seen this before !!!!!! the up^date of 23/08/2023 just broke my entire computer : no mouse, no keyboard ... and system in hibernate mode !!!!!!!!!!!!!!!!!! What can i do to recover my computer ??????? usb fix : just shit, 1 change and no keyboard or mouse ???? Is there skilled ingeneer at kasper lab ??? You just waste my time, and week end. just a question , did i, or your customer, allow you to modify .sys file in order to put YOUR keyboard or mouse sniffer ????? That just WEIRD. in 30 year of carreer i never seen that sort of bullshit. really. A product aiming to protect you, and we paid fopr that, is just destroying your datas !!! what can i do ? just rescue KS 18 (linux in fact) cd is working !!! ?????????????????? in fact the REAL virus : is virus vendor themself. they create them, in order to survive !!! i the paid release of your malware !

For what it's worth, I've been having this "VPN fails to connect and freezes" problem about once a day since I (clean) installed the new suite of products in December. I don't know how to fix it for good, BUT! This is the low-effort-required quick-fix that I discovered and use every time it happens: When it freezes, open the Task Manager and find THIS "Kaspersky Lab Launcher" process (there are three; this one is only for the VPN and will keep your main Kaspersky app still running) Right-click on the Launcher process (not the VPN service in the expanded menu) and select "End Task." This will shut down the VPN app. Manually launch the VPN app again; it should now work (at least it does, for me... until the next time it freezes) It's easier than rebooting your computer or reinstalling the VPN, at least. Hopefully the issue will be properly resolved soon! My info: Windows 10 x64 Home 22H2 Kaspersky Premium 21.15.8.493(a) internet connection via ethernet cable HP Pavilion laptop

Simple. In my case, switching between languages is done with Ctrl+Fn+F12 and Ctrl+Fn+F5 when you are on the main screen of Kaspersky Standard. (The official advice from Kaspersky was Ctrl+F12 and Ctrl+F5, but for my keyboard an additional "Fn" press was required). Please try this.

Hello @S.E., Welcome! Uncheck the options (you) require in: Secure Data Input settings - image 1 OR Add an exclusion for specific websites, see image 1 above & image 2 below Result: Any issues or concerns please post back? Thank you🙏 Flood🐳+🐋 Resource: How to configure protection of data entered on the computer keyboard

I have kaspersky premium given to me but I'm not the account owner. I have read a couple of threads on here and some of the documentation. But it remains a little unclear and vague. What can the account owner specifically access on my device? What can they specifically see? What can they specifically do? Can I please get clear definitive answer please? For example: -can they see file list, names and paths? -can they see other devices and hardware connected? Think a PC running kaspersky with connected external drive, camera, network PC and so forth. -can they see logins and passwords using the password manager? In a thread I saw someone say no, but the official documentation for shared accounts in password manager data sync seems to indicate yes? -can they see what programs or software is installed? -can they see optimization suggestions, PC startup suggestions and so on that premium shows the user? -can they see what identity searches were done or what identities are being protected? A privacy protection function of premium that shows the user if their data has been leaked elsewhere -can they see vault and content? -can they see safe kids users, when accessed and so forth? -can they run quick scan? Full scan? If yes, in the results of these, can they see any of the above? What if the scan shows an issue or infection can they then see any of the above? -can they see what modules are not installed or used? Eg VPN, password manager. And can they enable it remotely anyway? -can they update the signatures DB? -what else can they do? -what else can they see?

Hello @ahmad98, Welcome! Not enough information, please share with us: OS version & build, refer: https://support.kaspersky.com/common/diagnostics/15026 Kaspersky Free version, refer: on the Windows Taskbar or hidden icons, rightclick the Kaspersky icon, select About? Error or errors when Keyboard does not work - post full-screen screen prints? In Windows Device Manager - what is the Keyboard status? In Windows Device Manager - has Scan for changes been run? Has the Windows Keyboard Troubleshooter been run - what are the results? Which solutions have been tried - provide details of each solution please? Read: keyboard stopped working topics. Please post back? Thank you? Flood?+?

Hello @Rich_in_HaPA, Welcome! Yes. Ok. OK. You can't - it's by design. There's been a multitude of complaints, Kaspersky appears not to have heard them. You may wish to log a request, on the support page, fill in an Email or Chat, then select Feedback, I have a Suggestion, or Feedback, I have a Complaint template - provide a detailed history & explanation/reasons for the request. Support may communicate with you & discuss the proposal. All requests go thru the relevant team/s, not all requests are successful & even successful requests may take a long time to be implemented. Please share the outcome with the Community, when it's available? Thank you? Flood?+? Resources: Very little info for Secure Keyboard Input - in Kaspersky Internet Security for Mac library. Existing Community topics, generic filter: Secure Keyboard Input is enabled Quick Launch Keyboard

I am using KSC 2021 and I have faced the same issue. When I used the alibaba.com website the “Secure Keyboard input” kicked in when i tried to enter a search. When I shifted to Microsoft Office 2019 applications I noticed that my hardware keyboard froze except for the “enter” and “backspace” keys but remained functional on this website. I chatted with “Support” and after several attempts, they deduced that the issue was related to the website and not Kaspersky. The best solution offered was to exclude this website from the “Secure Keyboard Input” protection. Which we tested. The strange result is that after this, only when I revert to the alibaba.com website and type a search without the “Secure Keyboard Input” protection will my hardware keyboard unfreeze. So I kept the exclusion awaiting a better solution. Then something worst happened. Any time I type on any webpage triggering the “Secure Keyboard Input” and associated popup, my hardware keyboard freezes. Then, only when I reopen the alibaba.com webpage and type a search on it does my hardware keyboard unfreeze on this page and subsequently on other pages and on the Microsoft Office 2019 applications. I use Firefox but the same is valid for Edge. I have serious doubts that this website does not tolerate “Secure Keyboard Input” and may have injected some form of keylogger which is affecting “Secure Keyboard Input” altogether. Any Thoughts?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Environment/Preconditions KSC - 12 KSWS - 11.0.1.897 You may find a massive increase in disk usage from the folder report under the Kaspersky folder. The size of the report folder will increase from around 2GB to 12GB, the files in the report folder have random name (like 340a13d9-2a50-4c4e-94d6-82a79d80da4b), which rapidly grows and consumes disk space. The file can be deleted to resolve the disk space full issue, which itself can cause many issues (can't log in to the server, KSWS stop, etc) To delete the file: Stop KSWS. Add permission/owner for the login account. Right-click and delete file. This issue is caused by the Task log setting under Log and Notification tab in the KSWS policy. To avoid the detailed events issue: Ensure that there are no Informational events in the Importance level option in each Component. Remove task logs older than (days) is selected. In case you do the above step and the random file is still keep growing rapidly (100 MB per hour), it may be causes by the flooding event. You can check the event flooding by using "DB Browser for SQLite". For example, the log above is generated by the Application launch control component. You may solve this issue by disabling Application launch control log.

Hi, Thanks for your quick answer. Unfortunately, it doesn't correct my problem. Obviously, I tried once again to disable AV and upload. The problem is still here. I was too quick in my conclusions to think the VA was the culprit.

Hi again, thanks for replying. I am searching in the actual vault (KPM app) not in the browser - (I know it sounds strange, it's really weird, presumably a bug). I have sync'd (it auto syncs but I checked also). I tried to take a screenshot to show you all is up to date but it seems that KPM cleverly prevents screenshots whilst open. You asked "iStorm cannot be found in the actual KPM vault application, on the computer", is that accurate please? " Yes, that is accurate. Autosave & autofill is ticked for 1. logins & password & 3. Bank cards (not 2. addresses). Thinking ahead, I thought you would recommend next that I reinstall this app on my PC so as I also use the iPhone and iPad KPM app every day I tried searching on that and it also doesn't appear there. The common denominator then is the website itself and the main thing I can think that's different to maybe all other sites is that it's mainly in Greek language (I have to use Google Chrome translate on the site). I did wonder whether it has saved in KPM in the Greek alphabet but when visiting the site the URL is in English as you can see from my screenshots. I did try translate and searching for 'καταιγίδα' in case but no luck. I have tried in KPM app scrolling down all entries to letter 'i' but there's nothing for istorm there. I am looking in 'all' and not 'favourites' It doesn't seem to appear in 'recents' but not all recent sites do (upon testing). Strangely when trying to log in on iPhone, tapping on the login name/email which displays the 'key' icon above the keyboard, on tapping the key which opens KPM app, it says 'no matching password' and 'show passwords' can't find it in search. Only the Chrome browser on PC recognises the website address and gives me the green KPM icon as per screenshots you've seen. I can't think of any other info to help identify this strange issue.

Hello @booger, Welcome! (please) Read before you create a new topic! Open KIS, select Settings, select Additional, uncheck Enable Secure Keyboard Input, select Save, select Save (to confirm the action). 💥 However, there’s also a tiny Quick launch keyboard icon that generates a Secure Keyboard Input is enabled popup → image 4, that drives many Kaspersky subscribers nuts, that cannot be disabled or managed in any way, discussed in topic raised by @Killeriguana How do I disable the "Secure Keyboard Input is enabled" pop-up WITHOUT disabling the Secure Input feature itself? Thank you🙏 Flood🐳+🐋 References: Secure Keyboard Input About protection of personal data on the Internet How to configure protection of data entered on the computer keyboard

Harlan thank you for quick responses, i sent you files, please check your inbox.

Greetings folks, I think I asked this question years ago on the old forums, and I can't remember the answer. Does Quick scan and Full scan include a rootkit scan? I only ever run Quick scans, the only time I will run a Full scan is if Kaspersky detects something in a Quick scan. I also have background/rootkit scan turned off, as I prefer to run all scans manually. It occurred to me the other day that if this function is turned off and Quick scans don't include Rootkit scans then I'm never actually scanning my PC for rootkits.

I appreciate your quick support and response. Thank you so much

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. There is an example of a step-by-step instruction to configure Single-Sign-On (SSO) for KATA 4.1/5+/6+ into HOME.LAB domain. Prerequisites Deployed Central Node Server Name should be FQDN. (In current case FQDN name of Central Node - kata-cn.home.lab) It can be checked via Settings/Network Settings of Central Node. A and PTR record should be set for Central Node in DNS. Domain User Account should be created to set up Kerberos authentication by means of keytab file (in current case Domain User Account is kata-sign-on). AES256-SHA1 encryption algorithm should be enabled into created Domain User Account. Step-by-step guide to create keytab file On Domain Controller: Launch CMD As Administrator Execute the following command to create keytab file C:\Windows\system32\ktpass.exe -princ HTTP/kata-cn.home.lab@HOME.LAB -mapuser kata-sing-on@HOME.LAB -crypto AES256-SHA1 -ptype KRB5_NT_PRINCIPAL -pass * +dumpsalt -out C:\TEMP\kata-sgn-on.keytab The utility requests the kata-sign-on user password when executing the command. The SPN of the selected server is added to the created keytab file. The generated salt is displayed on the screen: Hashing password with salt "<hash value>" For multiple Central Node servers you need to save "<hash value>" of hashing password to add an SPN for each subsequent Central Node servers further using ktpass.exe utility. On Central Node Web Interface Move to Settings/Users/Active Directory Integration Add the created keytab file: Keytab file status section contains File which contains SPN for this server The file contains section HTTP/*****@*****.tld Under Users tab click Add and select Domain user account. Set domain user as <username>@<domain> On client machine Host should be joined to the same domain. Domain user should be logged in with account added into the Central Node. Open Control Panel/Internet Options Click on Security and select Local Intranet Click on Sites and then on Advanced Add FQDN of central node - kata-cn.home.lab Close windows: Launch Web Browser and access to Web Interface of the Central Node https://kata-cn.home.lab:8443 and it should be opened without asking any Login/Password.

Thank you for quick reply. I am waiting for result from your team

Window 7 X64 build 7600 Version 21.2.16.590© Whenever I went to bank web site, the virtual keyboard show up. I appreciate it and not much problem about it. However, whenever the virtual keyboard show up. My real keyboard are blocked from any character input. I could see ctrl, alt, backspace, tab are working through the virtual keyboard. But my real keyboard cannot use any keys, like 1-0 and a-z, even after closing every program. I had to restart in order to get back my keyboard. Any idea if I can turn on my keyboard after the incident??

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This instruction is relevant only in case of troubleshooting incorrect loading or rendering of a web page. In order to troubleshoot issues KES network traffic related issues traffic dump is required. It is easier to analyze and does not require third-party software installation. If reproduction of the issue requires the web browser to open web pages(such as web control non-working as expected, web page not loading, and so on), the tests should be performed in Incognito mode(also known as private browsing). Chrome browser: Ctrl+Shift+N or you can start browser from terminal: & "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -incognito . Starting application from terminal will make launch key visible in traces and make diagnostic easier. Firefox browser: Ctrl+Shift+P or you can start browser from terminal: & "C:\Program Files\Mozilla Firefox\firefox.exe" -private-window . Starting application from terminal will make launch key visible in traces and make diagnostic easier. Microsoft Edge: Ctrl+Shift+P Opera browser: Ctrl+Shift+N KES11/12 Instructions Disable KES11/12 Self-defense Navigate to the following registry key: x86: HKLM\SOFTWARE\KasperskyLab\protected\KES<Build version>\environment\ x64: HKLM\SOFTWARE\Wow6432Node\KasperskyLab\protected\KES<Build version>\environment\ Create a string type value named DumpNetworkTraffic : DumpNetworkTraffic = (REG_SZ)"1" Restart the product or reboot the host Traffic dump files will be saved to %ProgramData%\Kaspersky Lab\KES<Build version>\Data\traffic Once the issue is reproduced compress the whole traffic directory Do not forget to disable traffic dump collection. To do so delete DumpNetworkTraffic value.Then restart the product or reboot the host.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) aescrypt.zip and TestProgExp.zip can be found here. Remote encryption test This test requires two participating workstations: an Attacker PC and a Victim PC. Behavior Detection component has to be configured on a Victim PC to detect malware activity, protect shared folders and block connections on detection of external encryption. Step-by-step guide On a Victim PC create folder with regular office-like files: *.DOC, *.DOCX, *.XLX, *.JPG Share folder on the Victim PC, ensure that the account logged on to the Attacker PC has full access to the shared folder. Map the shared folder as a network drive on the Attacker PC. Add/unpack the aescrypt.zip archive to the Attacker PC. Add contents to the list.txt file, based on the files in a mapped folder. Since the folder is mapped, paths will look like local ones, eg. Z:\Book1.xlsx. Use the contents of file example-list.txt as an example: On an Attacker PC, launch test.bat file to start encrypting files from list.txt . Behavior Detection in KES on the Victim PC will detect the attempt and will try to perform a rollback. Full access to a share on Victim PC for an Attacker PC will be blocked (if specified in KES policy). File restoring event is logged on a protected workstation Access to a folder is blocked from an attacker's point of view Local encryption test Step-by-step guide Prepare a folder with files to get encrypted, perform tests on files *.DOC, *.DOCX, *.XLX, *.JPG. Add/unpack to this folder the attached TestProgExp.zip utility. Launch TestProgExp utility to start the encryption. Files will be encrypted in a folder with test utility Allow some time for Behavior Detection in KES to detect the attempt and perform the rollback, as well as get rid of the suspicious software: Files get restored

Is there any update on the "MR17" update? I certainly have many, many large files on the filesystems being scanned if that's the case. I've been experiencing this issue for what feels like a year or more now. Exact same symptoms as commonly reported over the last year or two. Full scan will always cause an application crash however, even when manual. System idle for many days will eventually cause a crash. Sometimes application can recover, other times application will fail to launch due to what appears to be the Kaspersky windows service locking up and cannot be restarted or stopped due to security and requires a reboot. I'm not totally comfortable submitting traces and have been watching from the sidelines.

Thanks Berny for quick answer I will collect asap , where to send it ?